Test authentication with profiler

pulibrary · May 26, 2023 · 7e08a3b · 7e08a3b
1 parent c185a73
commit 7e08a3b
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 0 deletions.
diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb
@@ -54,6 +54,7 @@
   config.include Capybara::DSL
   config.include Capybara::RSpecMatchers, type: :request
   config.include Features::SessionHelpers, type: :feature
+  config.include Features::SessionHelpers, type: :system
   config.include Devise::Test::IntegrationHelpers, type: :request
 
   config.include ViewComponent::TestHelpers, type: :component

diff --git a/spec/requests/application_spec.rb b/spec/requests/application_spec.rb
@@ -94,4 +94,34 @@
       end
     end
   end
+
+  describe 'profiling authentication' do
+    let(:user) { FactoryBot.create(:user) }
+    before do
+      login_as(user)
+      allow(ApplicationController).to receive(:current_user).and_return(user)
+    end
+
+    context 'as a non-admin user' do
+      it 'does not authorize the user' do
+        allow(Rack::MiniProfiler).to receive(:authorize_request)
+        get '/'
+        expect(Rack::MiniProfiler).not_to have_received(:authorize_request)
+      end
+    end
+    context 'as an admin user' do
+      around do |example|
+        cached_admin_netids = ENV['ORANGELIGHT_ADMIN_NETIDS'] || ''
+        ENV['ORANGELIGHT_ADMIN_NETIDS'] = cached_admin_netids + " #{user.uid}"
+        example.run
+        ENV['ORANGELIGHT_ADMIN_NETIDS'] = cached_admin_netids
+      end
+
+      it 'authorizes the user' do
+        allow(Rack::MiniProfiler).to receive(:authorize_request)
+        get '/'
+        expect(Rack::MiniProfiler).to have_received(:authorize_request)
+      end
+    end
+  end
 end